commit | daf8790ae7984fbe1917c8446a7c289cff533b1c | [log] [tgz] |
---|---|---|
author | Jesse Selover <jselover@chromium.org> | Mon Dec 03 20:44:30 2018 |
committer | Commit Bot <commit-bot@chromium.org> | Mon Dec 03 20:44:30 2018 |
tree | d9946644dc2c25d372b3c29f23dc61b42ed8d3b1 | |
parent | eda6f1d4f188141803cf61559826f9582d2b95b0 [diff] |
Replace ignore_cert_errors with an SSLConfig-level bool. ignore_certificate_errors in HttpNetworkSession, which is set by the --ignore-certificate-errors command-line flag, is currently implemented by continuing to use the SSLClientSocket after Connect() fails with a certificate error. Since we currently don't verify until after the handshake, it's safe to ignore the errors and we still allow Read() and Write(). At higher levels, we map the certificate errors back to OK. This is confusing and will longer work when certificate verification happens inside the handshake. A certificate error will mean the handshake hasn't completed. Instead, route the boolean into SSLClientSocketImpl and map the error to OK there. This allows us to remove the error-mapping logic at each of the higher levels. Bug: 347402 Change-Id: I7318e7e9d9e0a3cb0287555b3fd24c9347cc9821 Reviewed-on: https://chromium-review.googlesource.com/c/1343054 Commit-Queue: Jesse Selover <jselover@chromium.org> Reviewed-by: David Benjamin <davidben@chromium.org> Cr-Commit-Position: refs/heads/master@{#613232}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .